3abd85f186f854c737e2c607bad74ce346dd3db3035d6affbff8099f570a9530

Sharing

Copy URL

Twitter E-mail

General

Target

3abd85f186f854c737e2c607bad74ce346dd3db3035d6affbff8099f570a9530
Size

2.7MB
MD5

8fc5b1d23387ca0b0e1ddda4cb417708
SHA1

5790d8fddd8bb23cb48702ec8ccefb8c8f8a9731
SHA256

3abd85f186f854c737e2c607bad74ce346dd3db3035d6affbff8099f570a9530
SHA512

63421f40eeff59749e1d5e6aaf043cd1917fcd5ab6f261396a2d3b90e37825cf756b556986c825a18615202d1fa5a8c9e38e7d89ad97170dbdf4cd877c5a502a
SSDEEP

49152:eyKa6MDQoWNICF1V1GJeUyJYFqVDHa7aBzEBbs8CuEntZ3knVRAdiHF+N:e/zMDQolDyOFkakoBbctZ3knxUN

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs
Detects Themida, an advanced Windows software protection system.
themida

Processes:

resource yara_rule

sample themida

resource	yara_rule
sample	themida

Files

3abd85f186f854c737e2c607bad74ce346dd3db3035d6affbff8099f570a9530
.exe windows x86

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 104KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 278KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

?? ย
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

?? ย
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

?? ย
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

?? ย
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

?? ย
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

?? ย
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

?? ย
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

?? ย
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

?? ย
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

?? ย
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

Headers

DLL Characteristics

File Characteristics

Sections

Size: 104KB - Virtual size: 208KB

Size: 278KB - Virtual size: 278KB

Size: 512B - Virtual size: 12B

.idata Size: 512B - Virtual size: 8KB

.themida Size: - Virtual size: 4.3MB

.boot Size: 2.3MB - Virtual size: 2.3MB

?? ย Size: 3KB - Virtual size: 3KB

?? ย Size: 3KB - Virtual size: 3KB

?? ย Size: 3KB - Virtual size: 3KB

?? ย Size: 3KB - Virtual size: 3KB

?? ย Size: 3KB - Virtual size: 3KB

?? ย Size: 3KB - Virtual size: 3KB

?? ย Size: 3KB - Virtual size: 3KB

?? ย Size: 3KB - Virtual size: 3KB

?? ย Size: 3KB - Virtual size: 3KB

?? ย Size: 3KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 8KB

.themida
Size: - Virtual size: 4.3MB

.boot
Size: 2.3MB - Virtual size: 2.3MB

?? ย
Size: 3KB - Virtual size: 3KB

?? ย
Size: 3KB - Virtual size: 3KB

?? ย
Size: 3KB - Virtual size: 3KB

?? ย
Size: 3KB - Virtual size: 3KB

?? ย
Size: 3KB - Virtual size: 3KB

?? ย
Size: 3KB - Virtual size: 3KB

?? ย
Size: 3KB - Virtual size: 3KB

?? ย
Size: 3KB - Virtual size: 3KB

?? ย
Size: 3KB - Virtual size: 3KB

?? ย
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 4KB